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1 . (Currently amended) A method for authenticating a user of a computer, the method 
comprising: 

transmitting a signal having a challenge string and a first encryption key; 
receiving a login packet having the challenge string and a password that is encrypted 
using the first encryption key and a hash of at least the challenge string and th e p assword; 
decrypting the password; 

receiving information from an authentication provider; and 

authenficating the password by using the information received fi-om the authentication 
provider. 

2. (Currently amended) The method of claim 1, A method for authenticating a user of 
a computer, the method comprising: 

transmitting a signal having a challenge string and a first encryption key; 

receiving a login packet having the challenge string a nd a password that is 
encrypted using the first encryption key; 

decrypting the password: 

receiving information from an authentication p rovider: and 
authenticating the password bv using the inform ation received from the 

authentication provider 

wherein transmitting a signal having a challenge string comprises transmitting an 

applet having a sequence number. 
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3. (Currently amended) Tho method of claim 1, A method for authenticatin g a user of 
a computer, the method comprising: 

transmitting a signal having a challenge strin g and a first encryption key; 

receiving a login packet haying the challeng e string and a password that is 
encrypted using the first encryption key; 

decrypting the password; 

receiving information fi-om an authentication pro vider; and 
authenticating the password bv using the information received fi-om the 
authentication provider 

wherein transmitting a signal having a challenge string comprises transmitting ar 

applet having a session identifier. 

4. (Original) The method of claim 1 , wherein receiving a login packet comprises 
receiving fi-om a computer a login packet having a challenge string, a user name, a 
password, wherein the challenge string, the user name, and the password are encrypted 
using the first encryption key. 

5. (Currently amended) The method of claim 4, wherein receiving a login packet 
comprises receiving fi-om a computer a login packet having a hash of the a session 
identification, the user name, and the password. 
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6. (Original) A method for authenticating a user of a computer over a computer 
network, the method comprising: 

transmitting to the computer a signal having a unique session identifier and a first 
encryption key; 

receiving from the computer a login packet having the session identification, a 
user name, a password and a first hash of the session identification, the user name, and 
the password, wherein the session idenfificafion, the user name, and the password are 
encrypted using the first encryption key; 

decrypting the session identification, the user's name, and the password contained 
in the packet; 

receive information firom an authentication provider; and 
authenticating the user's name and the password by using the information 
provided by the authentication provider. 

7. (Original) The method of claim 6, wherein authenticaring the user's name and the 
password by using the information provided by the authentication provider comprises: 

receiving from the authentication provider a second encryption key; 

encrypting the user name and the password using the second encryption key and 
transmitting the encrypted user name and password to the authentication provider; 

receiving from the authentication provider a second hash of the password and a 
character string; and 

determining fi*om the second hash if the password is correct. 
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8. (Original) The method of claim 6, further comprising: 

transmitting to the computer a form and a second unique sequence identification; 

receiving, from the computer, response data to the form and a third hash of the 
second unique sequence identification, the user password, and fields and values entered 
on the form; and 

authenticating the fields and the values entered on the form. 

9. (Original) The method of claim 6, wherein the authentication provider includes an 
authentication server. 

1 0. (Original) The method of claim 7, wherein the authentication provider includes an 
authentication server. 

1 1 . (Original) The method of claim 6, wherein the authentication provider includes a 
software program in communication with the computer network. 

12. (Original) The method of claim 6, wherein the authentication provider includes a 
software program in communication with the computer network. 

1 3 . (Original) The method of claim 7, wherein the first hash and the second hash both 
include an MD5 hash. 
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14. (Original) The method of claim 7, further comprising changing the first and the 
second encryption keys on a predetermined basis. 

15. (Currently amended) A system for authenticating a user of a computer coupled to a 
computer network, the system comprising: 

a web server coupled to the computer network, wherein the web server is 

programmed to: 

transmit a signal having a challenge string and a first encryption key; 

receive a login packet having the challenge string and a password that is 
encrypted using the first encryption key and a hash of a t least the challenge string and the 
password ; 

decrypt the password; 

receive information fi-om an authentication provider; and 
authenticate the password by using the information provided by the authentication 
provider. 
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16. (Currently amended) Th e sy s t e m of claim 15, A system for authenticating a user 
of a computer coupled to a computer network, the system comprising: 

a web server coupled to the computer network, wherein the web server is 
programmed to: 

transmit a signal having a challenge string and a first encryption key; 
receive a login packet having the challenge string and a password that is 
encrypted using the first encryption key; 
decrypt the password; 

receive information from an authentication provider; and 

authenticate the password by using the information provided by the authentication 
provider 

wherein the signal is an applet and the challenge string includes a sequence 
number. 
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17. (Currently amended) The o y s t o m of claim 15, A system for authenticating a user 
of a computer coupled to a computer network, the system comprising: 

a web seryer coupled to the computer network, whe rein the web seryer is 
programmed to: 

transmit a signal having a challenge string and a first encryption key; 
receiye a login packet haying the challenge string an d a password that is 
encrypted using the first encryption key; 
decrypt the password: 

receive information firom an authentication provider; and 

authenticate the password bv using the information provided by the authentication 
provider 

wherein the signal is an applet and the challenge string includes a session 
identifier. 

18. (Currently amended) The system of claim 15, wherein the login packet fiarther 
comprises a user name and #ie a session identification and wherein the user name and the 
password are encrypted using the first encryption key. 

1 9. (Original) The system of claim 1 8, wherein the login packet fiirther comprises a 
hash of the session identification, the user name, and the password. 
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20. (Original) A system for authenticating a user of a computer over a computer 
network coupled to a security server, the system comprising: 

a web server coupled to the computer and the computer network, wherein the web 
server is programmed to: 

transmit to the computer a signal having a unique session identification and a first 

encryption key and; 

receive from the computer a login packet having the session identification, a user 
name, a password and a first hash of the session identification, the user name, and the 
password, wherein the session identification, the user name, and the password are 
encrypted using the first encryption key; 

decrypt the session identification, the user's name, and the password contained in 
the packet; 

receive information from an authentication provider; and 

authenticate the user's name and the password by using the information provided 
by the authentication provider. 
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21 . (Original) The system of claim 20, wherein to authenticate the user's name and the 
password by using the information provided by the authentication provider, the web 

server is programmed to: 

receive from the authentication provider a second encryption key; 

encrypt using the second encryption key and transmit to the authentication 
provider the user name and the password; 

receive from the authentication provider a second hash of the password and a 

character string; and 

determine from the second hash if the password is correct. 

22. (Original) The system of claim 20, wherein the authentication provider includes an 
authentication server. 

23. (Original) The system of claim 20, wherein the authentication provider includes a 
software program in communication with the computer network. 

24. (Original) The system of claim 21, wherein the authentication provider includes an 
authentication server. 

25. (Original) The system of claim 21 , wherein the authentication provider includes a 
software program in communication with the computer network. 
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26. (Original) The system of claim 20, wherein the web server includes a computer 
program installed on the computer. 



27. (Original) The system of claim 21 , wherein the first and the second encryption keys 
are changed on a predetermined basis. 

28. (Currently amended) An article of manufacture, comprising: 

a computer readable medium having computer readable program code for 
authenticating a user of a client computer over a computer network, the computer 
readable program code including instructions for: 

causing the a computer system to transmit a signal having a challenge string and a 
first encryption key; 

causing the computer system to receive a login packet having the challenge string 
and a password that is encrypted using the first encryption key and a hash of at least the 
challenge string and the password ; 

causing the computer system to decrypt the password; 

causing the computer system to receive information firom an authentication 
provider; and 

causing the computer system to authenticate the password by using the 
information provided by the authentication provider. 
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29. (Currently amended) The article of manufacture of claim 28, wherein the 
computer readable program code having instructions for causing the computer system to 
receive a login packet comprises causing the computer system to receive from a computer 
a login packet having a challenge string, a user name, a password, wherein the a session 
identification, the user name, and the password are encrypted using the first encryption 
key. 

30. (Original) The method of claim 28, wherein the computer readable program code 
having instructions for causing the computer system to receive a login packet comprises 
causing the computer system to receive from a computer a login packet having a hash of 
the session identification, the user name, and the password. 
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3 1 . (Original) An article of manufacture, comprising: 

a computer readable medium having computer readable program code for 
authenticating a user of a client computer over a computer network, the computer 
readable program code including instructions for: 

causing the computer system to transmit to the client computer a signal having a 
unique session identification and a first encryption key; 

causing the computer system to receive from the client computer a login packet 
having the session identification, a user name, a password and a first hash of the session 
identification, the user name, and the password, wherein the session identification, the 
user name, and the password are encrypted using the first encryption key; 

causing the computer system to decrypt the session identification, the user's 
name, and the password contained in the packet; and 

causing the computer system to receive information from an authentication 

provider; and 

causing the computer system to authenticate the user's name and the password by 
using the information provided by the authentication provider. 
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32. (Original) The article of manufacture of claim 3 1 , wherein the instructions for 
causing the computer system to authenticate the user's name and the password by using 
the information provided by the authentication provider comprises: 

causing the computer system to receive from the authentication provider a second 
encryption key; 

causing the computer system to encrypt using the second encryption key and 
transmit to the authentication provider the user name and the password; 

causing the computer system to receive from the authentication provider a second 
hash of the password and a character string; and 

causing the computer system to determine from the character string if the 
password is correct. 

33. (Original) The article of manufacture of claim 3 1 , wherein the computer 
readable program code further comprises instructions for: 

causing the computer system to change the first and the second encryption keys 
on a predetermined basis. 
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34. (Original) The article of manufacture of claim 3 1 , wherein the computer 
readable program code further comprises instructions for: 

causing the computer system to transmit to the client computer a form and a 
second unique sequence identification; 

causing the computer system to receive from the client computer response data to 
the form and a hash of the second unique sequence identification, the user password, and 
fields and values entered on the form; and 

causing the computer system to authenticate the fields and the values entered on 

the form. 
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